Professional Documents
Culture Documents
User Guide
CONTENTS
ABOUT THIS GUIDE .............................................................................................................................................. 5
In this document ................................................................................................................................................ 5
Document conventions ...................................................................................................................................... 7
KASPERSKY SECURITY CENTER WEB-CONSOLE .............................................................................................. 8
2
CONTENTS
GLOSSARY ......................................................................................................................................................... 48
INDEX.................................................................................................................................................................. 55
3
USER GUIDE
Dear User,
Thank you for choosing our product. We hope that you will find this documentation useful and that it will provide answers
to most questions that may arise.
Attention! This document is the property of Kaspersky Lab ZAO (herein also referred to as Kaspersky Lab): all rights to
this document are reserved by the copyright laws of the Russian Federation and by international treaties. Illegal
reproduction or distribution of this document or parts hereof will result in civil, administrative, or criminal liability under
applicable law.
Any type of reproduction or distribution of any materials, including translations, may be allowed only with written
permission from Kaspersky Lab.
This document and related graphic images can be used exclusively for informational, non-commercial, or personal use.
This document may be amended without prior notice. You can find the latest version of this document at the Kaspersky
Lab website, at http://www.kaspersky.com/docs.
Kaspersky Lab assumes no liability for the content, quality, relevance, or accuracy of any third-party materials used
herein, or for any potential harm associated with the use of such materials.
http://www.kaspersky.com
http://support.kaspersky.com
4
ABOUT THIS GUIDE
This document provides information about Kaspersky Security Center Web-Console and instructions on proper use of
the application.
This document is aimed at technical specialists (administrators) in organizations where a security system built on
Kaspersky Lab solutions is used as a service (provided by a network protection service provider).
If you have any questions on how to use Kaspersky Security Center Web-Console, you can find answers in this User
Guide and in the integrated Help system. To use Help for Kaspersky Security Center Web-Console, open the main
application window and click the icon.
IN THIS SECTION:
IN THIS DOCUMENT
This document consists of sections with descriptions of features and instructions, glossary and index.
This section contains general information about Kaspersky Security Center Web-Console, its purpose, and its
architecture.
This section lists the software that must be installed before you start using the application.
This section describes the purpose of tabs and other interface elements located on the pages of the Kaspersky Security
Center Web-Console web portal.
This section provides instructions on how to get prepared for connection and how to connect to Administration Server
using Kaspersky Security Center Web-Console.
This section provides instructions on how to find information on the status of the protection system covering networked
computers managed by Administration Server to which the application is connected.
This section provides information on how to view lists of computers on your network and their respective properties.
5
USER GUIDE
This section provides instructions on how to install Kaspersky Lab applications and third-party applications to computers
on your network in remote and local installation modes.
This section provides information about how to manage policies created for computers on your network.
This section provides information about how to manage tasks created for computers on your network.
This section provides instructions on how to view, print, and send by email reports of Administration Server to which the
application has been connected, and how to save report data to a file.
This section provides instructions on how to set a new password for your account.
Glossary
This section provides information about the third-party code used in the application.
This section provides information about trademarks used in the document and their respective owners.
Index
6
ABOUT THIS GUIDE
DOCUMENT CONVENTIONS
Document conventions described in the table below are used in this document.
Notes are framed in dotted-line boxes. Notes contain additional and reference
We recommend that you use... information.
Example: Example blocks have a yellow background, and the heading "Example".
...
help Text in the command line and text of messages displayed on the screen have a
special font.
<Your computer's IP address> Variables are enclosed in angle brackets. Instead of a variable, the
corresponding value must be entered in each case; the angle brackets are
omitted.
7
KASPERSKY SECURITY CENTER WEB-
CONSOLE
Kaspersky Security Center Web-Console is a web application designed to manage the status of the security system of
an organization's network protected by Kaspersky Lab applications.
Install Kaspersky Lab applications to computers on your network and manage installed applications
Manage the delivery of reports to interested parties: system administrators and other IT specialists
Kaspersky Security Center Web-Console runs on the side of the service provider that provides protection to your
network. The protection service provider is responsible for application installation and maintenance. You do not have to
install and run Kaspersky Security Center Web-Console on your computer to work with it. All you need is a web browser
(see section "Software requirements" on page 10).
The figure below shows how Kaspersky Security Center Web-Console works.
8
KASPERSKY SECUR ITY CENTER WEB-CONSOLE
Kaspersky Security Center Web-Console interacts with Kaspersky Security Center Administration Server, which is
located at the protection service provider. Administration Server is an application designed for managing Kaspersky Lab
applications installed on computers in your network. Administration Server connects to the computers of your network
over channels protected by the Secure Socket Layer (SSL) protocol.
Kaspersky Security Center Web-Console provides a web interface that ensures interaction between your computer and
Administration Server over a web browser. When you connect to Kaspersky Security Center Web-Console using your
web browser, the latter establishes an encrypted (HTTPS) connection with Kaspersky Security Center Web-Console.
1. Use a web browser to connect to Kaspersky Security Center Web-Console, where the pages of the application
web portal are displayed.
2. Use web portal controls to choose a command that you want to run. Kaspersky Security Center Web-Console
performs the following operations:
If you have chosen a command used for reception of information (for example, to view a list of
computers), Kaspersky Security Center Web-Console generates a request for information to Administration
Server, receives the required data, and sends them to the web browser in an easy-to-view format.
If you have chosen a command used for management (for example, remote installation of an application),
Kaspersky Security Center Web-Console receives the command from the web browser and sends it to
Administration Server. Then the application receives the result from Administration Server and sends it to
the web browser in an easy-to-view format.
9
SOFTWARE REQUIREMENTS
This section lists software requirements for the use of Kaspersky Security Center Web-Console.
You can manage Kaspersky Security Center Web-Console via a web browser. The following are the types and versions
of web browsers, and the types and versions of operating systems that you can use to work with the application.
Microsoft Internet Explorer 7.0 or later running under one of the following operating systems:
Microsoft Windows 7
Microsoft Windows 8
Firefox 16.0 or 17.0 running under one of the following operating systems:
Microsoft Windows 7
Microsoft Windows 8
Fedora 16
10
APPLICATION INTERFACE
After you have established a connection to Administration Server, the main window of Kaspersky Security Center Web-
Console opens in the web browser (see figure below).
The upper part of the main window contains the following interface elements:
The Protection Status, Infrastructure, and Reports tabs to access the main features of the application.
End User License AgreementLink to the page with the End User License Agreement (EULA).
Frequently Asked QuestionsLink to the page with frequently asked questions (FAQ).
Links can be modified by the service provider's administrator. Some links may be missing.
The informational area is the principal part of the main application window. The contents of the informational area vary
according to the tab that is selected:
Protection Status: Contains information on the protection status of network computers. In the top part of the
tab you can select one of the following sections: General status, Real-time protection status, Update status.
After you select a section, a chart appears on the right showing statistics, while the bottom part of the tab
displays a list with information about the statuses of computers.
11
USER GUIDE
Infrastructure. Designed for obtaining information about administration groups, computers, and policies and
tasks created for them. The informational area of the tab is divided into two parts. The menu contains
administration groups. The right part of the informational area contains three second-level tabs: Policies,
Tasks, and Computers.
Reports. Designed for viewing reports. The informational area of the tab is divided into two parts. The menu
contains reports. The results pane displays the content of a selected report.
SEE ALSO:
12
CONNECTING TO ADMINISTRATION
SERVER
This section provides instructions on how to get prepared for connection and how to connect to Administration Server
using Kaspersky Security Center Web-Console.
IN THIS SECTION:
Before connecting to the Administration Server, make sure the following components are supported by your web
browser:
JavaScript
Cookies
If support of these components is disabled, enable it. You can find information in the browser Help about how to enable
support of JavaScript and cookies in your web browser.
User name
Password.
13
USER GUIDE
2. In the Address bar of the web browser, enter the web portal address that you received from the service provider
administrator (see section "Preparing to connect to Administration Server" on page 13), Open this URL.
If you are connecting to Administration Server for the first time, the License Agreement window opens in the
web browser. If you have connected to Administration Server earlier, a window for entering the user name and
password opens in the web browser.
3. If you are connecting to Administration Server for the first time, perform the following operations in the License
Agreement window:
a. Read through the License Agreement. If you accept all of its terms, select the Accept terms of the
License Agreement check box.
In the web browser, a window opens, prompting you to enter your user name and password.
6. In the Administration Server field enter the name of Administration Server to which you want to connect. Click
the Log in button.
The main application window opens (see section "Application interface" on page 11).
If you have an error returned after attempting to connect to Administration Server, contact the service provider
administrator to solve the issue.
14
NETWORK PROTECTION STATUS
Kaspersky Security Center Web-Console allows you to receive information about the status of the protection system
covering computers on the network managed by Administration Server.
You can receive the following information about the state of computers in your network:
The Administration Server assigns a status to the computer based on information about its protection status.
The Warning or Critical status is assigned if there are factors that lower the protection level of the computer
(such as inactivity of the anti-virus application, outdated databases, or a large number of objects remaining
infected). The list of factors for Warning and Critical statuses is created by the service provider's administrator.
Real-time protection status information on the status of an anti-virus protection component in Kaspersky Lab
applications installed on computers in your network.
Update status information on the update status of the anti-virus application database on computers in your
network.
IN THIS SECTION:
1. Open the main application window (see section "Application interface" on page 11).
15
USER GUIDE
The Computer status item in the menu is selected (see the following figure).
The results pane displays a pie chart. It shows the numbers and percentages of computers with Critical, Warning and OK
statuses.
The lower part of the window contains a list of computers. The list of computers contains the following information:
Description. Messages that explain the causes of the lowered protection levels on computers that have
Warning and Critical statuses (such as Real-time protection is paused or The update task has not been started
in more than 3 days).
To view information about a specific computer, use the following interface elements to locate the computer in the list:
Buttons Goes to the next / previous, first / last page of the list of the computers.
Icon Sorts computer names on the list of computers in ascending or descending alphabetical order.
The window with information about the properties of a computer can be opened by clicking the line with the computer
name.
16
NETWORK PROTECTION STATUS
SEE ALSO:
1. Open the main application window (see section "Application interface" on page 11).
3. In the menu, click Real-time protection status (see the following figure).
The results pane displays a pie chart. It contains information about the status of the protection component in the
applications installed on computers on your network.
The chart shows the numbers and the percentages of computers where the protection component has the following
statuses:
Unknown
Stopped
Paused
17
USER GUIDE
Launching
Running
Failure
The lower part of the window contains a list of computers. The list of computers contains the following information:
Description. Messages that explain the causes of the lowered protection levels on computers that have
Warning and Critical statuses (such as The number of infected objects is too large or License term expired).
To view information about a specific computer, use the following interface elements to locate the computer in the list:
Buttons Goes to next / previous, first / last page of the list of computers.
Icon Sorts computer names on the list of computers in ascending or descending alphabetical order.
The window with information about the properties of a computer can be opened by double-clicking the line with the
computer name.
SEE ALSO:
1. Open the main application window (see section "Application interface" on page 11).
18
NETWORK PROTECTION STATUS
3. In the left part of the window click Update status (see the following figure).
The upper part of the section displays a bar chart. The bar chart contains information on the state of the anti-virus
application on your network computers.
The bar chart displays the number of computers on which the anti-virus application databases have the following
statuses:
More than a week agoDatabases were updated more than a week ago.
The lower part of the window contains a list of computers. The list of computers contains the following information:
Description. Messages that explain the causes of the lowered protection levels on computers that have
Warning and Critical statuses (such as Real-time protection is paused or The update task has not been started
in more than 3 days).
To view information about a specific computer, use the following interface elements to locate the computer in the list:
19
USER GUIDE
More than a week ago button Displays computers with More than a week ago status.
Buttons Goes to next / previous, first / last page of the list of computers.
Icon Sorts computer names on the list of computers in ascending or descending alphabetical order.
The window with information about the properties of a computer can be opened by double-clicking the line with the
computer name.
SEE ALSO:
20
MANAGING COMPUTERS
This section provides information about computers on your network and administration groups and details on how to view
lists and properties of computers.
IN THIS SECTION:
The computers in your network that have Kaspersky Lab applications installed are assigned to administration groups.
Administration groups are sets of computers grouped by function and installed Kaspersky Lab applications.
By default, Administration Server contains the Managed computers administration group. After Kaspersky Lab
applications are installed to a networked computer, the computer is added to the Managed computers administration
group. The service provider's administrator can create other administration groups and assign computers to these
groups. An administration group can contain other administration groups.
Computers included in an administration group are referred to as managed. You can add your networked computers to
the list of managed computers, to the Managed computers administration group. To do this, first install the Kaspersky
Lab anti-virus application.
Using Kaspersky Security Center Web-Console, you can receive information about managed computers from
Administration Server: view the list of computers and the properties of managed computers.
SEE ALSO:
1. Open the main application window (see section "Application interface" on page 11).
4. In the left part of the window click an administration group for which you want to view a list of computers:
If you want to see the list of all managed computers, select the Managed computers group.
If you want to view the list of managed computers in a particular administration subgroup, select one from
the groups tree located under the Managed computers administration group.
21
USER GUIDE
A list of computers from the selected administration group is displayed (see the following figure).
Description. Messages that explain the causes of the lowered protection levels on computers that have
Warning and Critical statuses (such as Real-time protection paused or Update task has not been started in
more than 3 days).
To view information about a specific computer, use the following interface elements to locate the computer in the list:
Buttons Goes to the next / previous, first / last page of the list of the computers.
Icon Sorts computer names on the list of computers in ascending or descending alphabetical order.
22
MANAGING C OMPUTERS
The window with information about the properties of a computer can be opened by clicking the line with the computer
name.
SEE ALSO:
1. Open the main application window (see section "Application interface" on page 11).
3. In the left part of the window, in the administration groups list, select the administration group where your
computer is located.
The right part of the window displays the list of computers for the selected administration group.
4. In the list select a computer for which you want to view the properties, and click the line with the computer name
to open the window with information about the computer properties (see figure below).
23
USER GUIDE
The top part of the window provides information about the following properties of the computer:
Network name. Network name of the computer. The network name matches the computer name that is
displayed in the left part of the window.
Last update. Date of last update of applications or Kaspersky Lab anti-virus databases on the computer.
Visible. Date and time from which the computer is visible in the network.
Last connection to Server. Date and time of last connection to Administration Server.
IP connection address. Network address for the connection to Administration Server. For example, if you
connect to Administration Server by means of a proxy server, enter the proxy server address.
Warnings that contain information about the causes of decreased computer anti-virus protection, such as out-of-
date anti-virus databases or large number of infected objects on computer. Warnings are displayed if the
computer protection status is Warning or Critical.
The lower part contains the Applications section providing information about Kaspersky Lab applications installed on
the computer.
The Applications section is displayed only if any Kaspersky Lab applications have been installed on the computer.
Application properties, such as the application version or the date of the last update. The list of application
properties is displayed after the application name. Each application has its own set of properties.
To view the properties of an application, you can use the following interface elements:
Icon opens the information section that contains the properties of an application.
Icon closes the information section that contains the properties of an application.
SEE ALSO:
24
INSTALLING APPLICATIONS TO
NETWORKED COMPUTERS
This section provides instructions on how to install Kaspersky Lab applications and third-party applications to computers
on an organization's network in remote installation and local installation modes.
IN THIS SECTION:
Remote installation (referred to as remote installation mode). Remote installation allows you to install an
application to several computers on your network at once. You can run and control remote installation through
the application web portal.
Local installation (referred to as local installation mode). Local installation is required, for example, in case
remote installation fails. You can allow enterprise network users to perform unassisted local installation of
applications to their computers.
Applications that are available for installation, are stored on Administration Server as installation packages (see section
"About installation packages" on page 26).
SEE ALSO:
25
USER GUIDE
To have a stable access to the Internet and to the rest of computers within the administration group where it
distributes updates
Only after you have assigned one of the computers on your network to be the update agent and installed Kaspersky Anti-
Virus to it (see section "Defining an Update Agent" on page 27), you can install applications to other computers on your
network in remote installation mode.
SEE ALSO:
Installation packages are created and distributed by the service provider administrator.
Installation packages are used for remote installation of Kaspersky Lab applications and third-party applications to client
computers through the remote management system called Kaspersky Security Center Web-Console (see section
"Remote installation mode" on page 27).
You can install Kaspersky Lab applications and third-party applications to computers on your network in local installation
mode (see section "Local installation mode" on page 32), as well as allow users of your network to perform unassisted
installation of applications to their computers. To do this, you can use Kaspersky Security Center Web-Console to
publish installation packages of applications.
SEE ALSO:
26
INSTA LLING APPLICATIONS TO NETWOR KED C OMPUTERS
To activate the remote installation feature, you should first assign one of the computers on your network to be the update
agent and install Kaspersky Anti-Virus to it (see section "Defining an Update Agent" on page 27). After that, you will be
able to run remote application installation to computers on your network.
Kaspersky Security Center Web-Console performs remote installation of applications in background mode. During
remote installation you can use other features of the application, as well as view information about the status of remote
installation for each of the computers on which remote installation has been started.
IN THIS SECTION:
To install Kaspersky Anti-Virus to a computer and assign that computer to be the update agent:
1. Open the main application window (see section "Application interface" on page 11).
3. Click the Add computer link in the pane to the left to start the Application Setup Wizard.
4. Click the Install locally on each computer using distribution package button.
If the application has detected no published installation packages, you will be prompted to publish installation
packages (see section "Publishing installation packages" on page 32). After installation packages are published,
the application installation continues.
5. Download the Kaspersky Anti-Virus distribution package to your computer. and click the Download button next
to the application name.
7. Copy (using, for example, an external medium or the network) the downloaded Kaspersky Anti-Virus distribution
package to the computer on your network that you have assigned the update agent. Install Kaspersky Anti-Virus
from the distribution package, following the Distribution Package Installation Wizard's instructions.
27
USER GUIDE
After Kaspersky Anti-Virus is successfully installed to the update agent, this computer will be automatically added to
the Managed computers administration group. The option of remote application uninstallation becomes available in
the Application Setup Wizard at the next startup.
The update agent is displayed on the list of computers the next time you log on to Kaspersky Security Center Web-
Console web portal or refresh the list.
If an error message is displayed during the installation, contact your service provider's administrator.
1. Open the main application window (see section "Application interface" on page 11).
3. Click the Add computer link in the pane to the left to start the Application Setup Wizard.
4. Click the Install to one or more computers in network using installation package button.
5. In the list, select the installation package of an application that you want to install, and click the Next button.
A window opens, showing a list of computers on your network to which you can install the application.
If you have assigned none of the computers in your network to be the update agent and have not installed
Kaspersky Anti-Virus to none of them, no computers from your network are displayed on the list of computers in
the Application Setup Wizard window. In this case, you cannot run remote installation of the application to
computers on your network.
6. Select the check boxes for computers to which you want to install the application. If you want to install the
application to all computers on the list, select the Computer name check box. Click Next.
28
INSTA LLING APPLICATIONS TO NETWOR KED C OMPUTERS
Create a list of accounts that have administrator privileges on computers that are selected for installation
(see the following figure).
b. In the Password text box, enter the password for the account.
The added account appears on the list of accounts in the lower part of the window.
29
USER GUIDE
The new name and password of the selected account will be saved.
To delete an account from the list, in the list of accounts select an account that you want to delete and click
the Remove button.
To modify the order in which the setup wizard applies the accounts when starting remote installation on
computers:
To move the account up in the list, select an account and click the Move up button.
To move the account down in the list, select an account and click the Move down button.
The remote installation starts on the computers you selected. The Installing <Application name> to the
following computers window opens, containing a list of tasks of application installation to selected computers
of your network.
You can view the list of installation tasks using the following interface elements:
Icon Sorts the list of installation tasks by the selected field in ascending or descending
alphabetical order.
30
INSTA LLING APPLICATIONS TO NETWOR KED C OMPUTERS
The section of information about the computer on which remote application installation has been run, contains
the following information:
Status. Application installation status. After remote installation is started, the status changes to
Installation in progress.
8. To exit the Application Setup Wizard, click the Finish button. The installation tasks keep on running.
If the remote installation is successful, the computer is automatically added to the Managed computers
administration group.
Remote application installation may return an error: for example, if another such application has been already
installed to the computer. Installation tasks that have returned an error, are displayed on the list of tasks with the
Installation error status. If remote application installation to one or more computers returns an error, you can install
the application locally.
You can run only one remote installation task at once. If you run one more remote installation task before the current
remote installation completes, the latter will be stopped.
SEE ALSO:
1. Open the main application window (see section "Application interface" on page 11).
If at least one remote installation of an application has been started, the panel on the left displays the List of
installations link.
3. Click the List of installations link to open the List of active installations window. The List of active
installations window contains a list of application installations to computers on your network.
Installation in progress remote installation of the application has not yet completed.
Installation error remote installation of the application has completed with an error. We recommend that you
install the application manually.
31
USER GUIDE
SEE ALSO:
Manual installation with the distribution package. You can download the application distribution package to a
computer and perform installation manually, following the Distribution Package Installation Wizard's instructions.
Manual installation (also referred to as manual installation mode) requires your immediate participation in
application installation to each computer. You can allow users of your network to perform unassisted manual
installation of applications to their computers, by moving distribution packages to a shared network folder. A
user account on a computer or in a network domain should have rights required for installation of applications to
the target computer.
Installation using an installation package. To perform application installation in this way, you should publish the
application installation package. After publishing, Kaspersky Security Center Web-Console provides a link to the
published installation package. Then you can use this link to download the published installation package to the
computer and run it. After running the published installation package, the application installation will be
performed automatically. You can allow users of your network to perform unassisted installation of applications
to their computers using published installation packages; to do this, send users links to published installation
packages (for example, by email).
IN THIS SECTION:
1. Open the main application window (see section "Application interface" on page 11).
3. Click the Add package link in the left part of the window to open the Add packages window.
A window opens displaying a list of installation packages that you can publish.
4. Select the check boxes for installation packages that you want to publish. If you want to publish all of the
installation packages on the list, select the check box next to the Installation package name header.
32
INSTA LLING APPLICATIONS TO NETWOR KED C OMPUTERS
The statuses of the installation packages that you have selected changes to Publishing. Publishing of the
selected installation packages starts.
Publishing of installation packages continues in automatic mode. After the publishing completes, the installation
packages are added to the list of published installation packages.
Published installation packages are stored on Administration Server. Kaspersky Security Center Web-Console provides
links for downloading published installation packages. You can send those links to users of your network.
SEE ALSO:
1. Open the main application window (see section "Application interface" on page 11).
3. Click the List of packages link in the left part of the window to open the List of installation packages window.
The list contains the following information about published installation packages:
Installation package URL. A URL used to download the published installation package from the local network.
If a newer version of the installation package is available on Administration Server, you can update the package by
clicking the Update button located next to the installation package.
You can send links to published installation packages to users of your network (for example, by email). Users of your
network can use them for downloading published installation packages to their computers and for installing applications.
SEE ALSO:
1. Open the main application window (see section "Application interface" on page 11).
33
USER GUIDE
3. Click the List of packages link in the left part of the window to open the List of installation packages window.
4. On the list, find the installation package for which you want to cancel publishing, and click the Block access
button in the corresponding line.
The text package deleted, access blocked appears in the line. Publishing of the selected installation package
will be canceled. The package becomes unavailable for download.
5. To close the List of installation packages window, click the Close button.
After publishing is canceled, the installation package is deleted from Administration Server and becomes unavailable
for download. The link to the installation package becomes inactive.
SEE ALSO:
1. Download a published installation package to the computer to which you want the application installed. To do
this, use the link received after publishing of the installation package.
To find the link that you should click to download the published installation package from the local network, open
the list of published packages (see section "Viewing the list of published installation packages" on page 33).
2. Run the published installation package. After you have run it, the installation will be performed automatically.
1. Open the main application window (see section "Application interface" on page 11).
3. Click the Add computer link in the pane to the left to start the Application Setup Wizard.
4. Click the Install locally to each computer using downloaded distribution package button.
If the application has detected no published installation packages, you will be prompted to publish installation
packages (see section "Publishing installation packages" on page 32). After installation packages are published,
the application installation continues.
34
INSTA LLING APPLICATIONS TO NETWOR KED C OMPUTERS
5. Select the installation package that you want to install manually To do this, click the Download button next to
the application name.
7. Run the installation package of the application on each of the computers where you want the application
installed. Then follow the instructions of the installation package wizard.
Computers to which the application is successfully installed are automatically added to the Managed computers
administration group.
These computers are displayed on the list of computers the next time you log on to Kaspersky Security Center W eb-
Console portal or refresh the list of computers.
If an error message is displayed during the installation, contact your service provider's administrator.
SEE ALSO:
35
MANAGING POLICIES
Policy is a collection of application settings defined for an administration group. By using policies, you can specify
common values for the application settings in a centralized manner for all the client computers in an administration
group, as well as forbid any changes in the settings to be made locally via the application interface. The policy does not
define all the application settings.
Several policies with different values can be defined for a single application. However, there can be only one active
policy for an application at a time. There is the capability to activate a disabled policy on a certain event. This means that
you can, for example, enforce stricter anti-virus protection settings during virus outbreaks.
The program can run in different ways for different groups of settings. Each group can have its own policy for an
application.
Also, policies for mobile users can be created. If connection between Administration Server and a client computer is
interrupted, the client computer starts running under the policy for mobile users (if it is defined), or the policy keeps
running under the applied settings until the connection is re-established.
After a policy is deleted or revoked, the application continues working with the settings specified in the policy. Those
settings can be subsequently modified manually.
IN THIS SECTION:
1. Open the main application window (see section "Application interface" on page 11).
4. In the left part of the window select an administration group for which you want to view a list of policies:
36
MANAGING POLICIES
A list of policies for the selected administration group is displayed on the screen (see figure below).
Policy name
Name of the application for which the policy has been created.
To view information about a specific policy, use the following interface elements to find it on the list:
Buttons Goes to the next / previous, first / last page of the list of policies.
Icon in the column header Sorts entries on the list of policies by column value in ascending or descending
alphabetical order.
ACTIVATING A POLICY
To make a policy active for a selected administration group:
1. In the main application window (see section "Application interface" on page 11), on the Infrastructure tab select
the Policies tab.
3. From the dropdown list, in the Status column select the Active value.
As a result, the policy becomes active for the selected administration group.
When a policy is applied to a large number of clients, both the load on the Administration Server and the network traffic
increase significantly for a period of time.
37
USER GUIDE
1. In the main application window (see section "Application interface" on page 11), on the Infrastructure tab select
the Policies tab.
2. From the list select a policy that you want to apply to mobile users.
3. From the dropdown list, in the Status column select the For mobile users value.
As a result, the policy applies to the computers in case they are disconnected from the enterprise network.
DELETING A POLICY
To delete a policy:
1. In the main application window (see section "Application interface" on page 11), on the Infrastructure tab select
the Policies tab.
2. From the list select the policy that you want to delete.
4. In the window that opens, confirm the operation by clicking the Yes button.
38
MANAGING TASKS
Administration Server manages applications installed on client computers, by creating and running tasks. Tasks are
required for installing, launching and stopping applications, scanning files, updating databases and software modules,
and taking other actions on applications.
You can start and stop tasks, view run results, and delete tasks.
The run results of tasks are saved both on Administration Server in a centralized manner and locally on each client
computer.
IN THIS SECTION:
1. Open the main application window (see section "Application interface" on page 11).
4. In the left part of the window select an administration group for which you want to view a list of tasks:
39
USER GUIDE
A list of tasks for the selected administration group is displayed on the screen (see figure below).
Task name
The name of the application for which the task has been created.
The bottom part of the window displays the run statistics for the task selected from the list of tasks.
To view information about a specific task, use the following interface elements to find it on the list:
Buttons Goes to the next / previous, first / last page of the list of tasks.
Icon in the column header Sorts entries on the list of tasks by column value in ascending or descending
alphabetical order.
40
MANAGING TASKS
1. In the main application window (see section "Application interface" on page 11), on the Infrastructure tab select
the Tasks tab.
2. From the list select a task that you want to start or stop.
Tasks are launched on a client only if the application for which the task was created is running. When the application is
not running, all running tasks are canceled.
1. In the main application window (see section "Application interface" on page 11), on the Infrastructure tab select
the Tasks tab.
2. From the list of tasks select one for which you want to view the run results.
The run results for the selected task are displayed in the window that opens.
DELETING TASKS
To delete a task, perform the following steps:
1. In the main application window (see section "Application interface" on page 11), on the Infrastructure tab select
the Tasks tab.
2. From the list of tasks select one that you want to delete.
4. In the window that opens, confirm the task deletion by clicking the Yes button.
41
WORKING WITH REPORTS
This section provides instructions on how to perform the following operations on reports provided by Administration
Server to which the application is connected: view, print, send by email, and save report data to a file.
IN THIS SECTION:
About reports............................................................................................................................................................ 42
Actions on reports..................................................................................................................................................... 42
Viewing reports......................................................................................................................................................... 43
ABOUT REPORTS
Kaspersky Security Center Web-Console allows you to gain access to reports of Administration Server to which the
application is connected.
Reports provide various information about the status of the protection system covering computers managed by
Administration Server.
The list of available reports is created by your service provider's administrator. The list of reports may vary depending on
the access rights assigned to your account.
ACTIONS ON REPORTS
You can perform the following operations on Administration Server reports:
View reports
You can view reports published for you by the service provider's administrator. The reports are read-only. You
cannot modify them.
Export reports
After viewing a report, you can export it and save it, for example, for later analysis and processing. You can
export a report to one of three formats: HTML, XML, or PDF.
Administration Server permits automatic delivery of reports by email. You may need to configure Kaspersky
Security Center Web-Console to deliver reports by email to you and other staff members involved in anti-virus
protection of your network (for example, system administrators or other IT specialists).
You can manage automatic report delivery by modifying the delivery settings: set of delivered reports and list of
recipients' email addresses. All recipients in the list receive the same set of reports.
42
WORKING WITH R EPOR TS
SEE ALSO:
Viewing reports......................................................................................................................................................... 43
VIEWING REPORTS
To view a report:
1. Open the main application window (see section "Application interface" on page 11).
3. In the left part of the window, from the list of reports, select a report that you want to view (see figure below).
In the right part of the window, the report contents are displayed. In the upper-right part of the window, the date and time
of the report creation are displayed.
43
USER GUIDE
Click the button located in the top right corner of the window.
EXPORTING REPORTS
To export a report:
1. Open the main application window (see section "Application interface" on page 11).
3. In the left part of the window, click a report that you want to export.
In the right part of the window, the report contents are displayed.
4. In the upper part of the window, click the link for the export format you want:
The report in the selected format opens in the web browser window or in the window of a viewing application
associated with the selected format (such as Acrobat Reader, for .pdf).
5. Save the report to file by using browser tools or the viewing application.
1. Open the main application window (see section "Application interface" on page 11).
3. Click the link in the upper part of the main window to open the Configuring reports delivery window.
4. In the list of reports, select the check boxes next to reports that you want to include in the delivery. If you want to
include all reports in the delivery, select the check box next to Report type.
To remove an email address from the delivery list, select an address that you want to remove and click the
Remove button.
44
WORKING WITH R EPOR TS
a. In the delivery list select the email address that you intend to modify.
b. Change the email address in the Recipient address field and click the button.
45
CHANGING YOUR ACCOUNT PASSWORD
You can change the password of your account after you log in to Kaspersky Security Center Web-Console. You might
have to change your password, for example, if you want to set a password that is easier to remember.
1. Open the main application window (see section "Application interface" on page 11).
2. In the upper-right corner of the screen, click the Change password link and open the Change password
window.
3. In the New password and Confirm password text boxes enter the new password.
46
LOGGING OFF KASPERSKY SECURITY
CENTER WEB-CONSOLE
You can log off Kaspersky Security Center Web-Console from any tab of the application interface.
To exit the application, you should first log off Kaspersky Security Center Web-Console.
If you exit the web browser without logging off (for example, by closing the window or the web browser tab), the sessions
remains active for the next 24 hours.
from the main application window (see section "Application interface" on page 11), click the Log out link in the top
right corner of the window.
You have just logged off Kaspersky Security Center Web-Console. In the web browser an entry window for user
name and password opens (see section "Connecting to Administration Server" on page 14).
47
GLOSSARY
A
ADMI NIS TRAT I ON SERV ER
A component of Kaspersky Security Center that centrally stores information about all Kaspersky Lab applications that are
installed within the corporate network. It can also be used to manage these applications.
A set of computers grouped together in accordance with the performed functions and the Kaspersky Lab applications
installed on those machines. Computers are grouped for convenience of management as one single entity. A group can
include other groups. A group can contain group policies for each application installed in it and appropriate group tasks.
An organization that provides anti-virus protection services based on Kaspersky Lab solutions.
C
CLIE NT AD MI NIS TRAT OR
A staff member of a client company who is responsible for the anti-virus protection status.
H
HTTPS
Secure protocol for data transfer, using encryption, between a web browser and a web server. HTTPS is used to gain
access to restricted information, such as corporate or financial data.
I
INSTA LLATI ON PAC KA GE
A set of files created for remote uninstallation of a Kaspersky Lab application by using the remote administration system
named Kaspersky Security Center Web-Console. An installation package is created based on special files with the .kpd
and .kud extensions that are included in the application distribution package; it contains a set of settings required for
application setup and its configuration for normal functioning immediately after installation. Parameter values correspond
to application defaults.
J
JAVASCRIPT
A programming language that expands the performance of web pages. Web pages created using JavaScript can perform
functions (for example, change the view of interface elements or open additional windows) without refreshing the web
page with new data from a web server. To view pages created by using JavaScript, enable the JavaScript support in the
configuration of your web browser.
L
LOCA L I NSTA LLATI ON
Installation of an anti-virus application to a computer on an organization's network that presumes a manual startup of the
installation process from the distribution package of the anti-virus application or a manual startup of a published
installation package that has been downloaded to the computer preliminarily.
48
GLOSSARY
M
MANA GE D COMPUTERS
MANUA L I NS TA LLA TI ON
Installation of an anti-virus application to a computer on an organization's network from the distribution package of the
anti-virus application. Manual installation requires an immediate participation of an administrator or another IT specialist.
Usually manual installation is done if remote installation has completed with an error.
N
NETWOR K A NT I-VIR US P R OTE CTI ON
A set of technical and organizational measures that lower the probability that viruses and spam will penetrate an
enterprise network, and that block network attacks, phishing, and other threats. Network security increases when anti-
virus applications and services are used and when a corporate information security policy is in place.
The current protection status, which defines the safety of corporate network computers. The network protection status
includes such factors as installed anti-virus applications, use of keys, and number and types of detected threats.
R
REMOTE I NS TALLAT I ON
Installation of Kaspersky Lab applications by using services provided by Kaspersky Security Center Web-Console.
S
SSL
A data encryption protocol on the Internet and local networks. SSL is used in web applications to create secure
connection between a client and a server.
A staff member at an anti-virus protection service provider. This administrator performs installation and maintenance jobs
for anti-virus protection systems based on Kaspersky Lab anti-virus products and also provides technical support to
customers.
U
UPDATE AGE NT
Computer acting as an intermediate source for distribution of updates and installation packages in an administration
group.
W
WEB P OR TAL
A means of access over a web browser to the features of Kaspersky Security Center Web-Console. A web portal
consists of web pages that contain text and graphical information and management add-ins for Kaspersky Security
Center Web-Console SPE. Web pages open in the web browser after you log on to the web portal. To log on to a web
portal, you must have the web portal address, account name and password.
49
KASPERSKY LAB ZAO
Kaspersky Lab software is internationally renowned for its protection against viruses, malware, spam, network and
hacker attacks, and other threats.
In 2008, Kaspersky Lab was rated among the worlds top four leading vendors of information security software solutions
for end users (IDC Worldwide Endpoint Security Revenue by Vendor). Kaspersky Lab is the preferred developer of
computer protection systems among home users in Russia, according to the COMCON survey "TGI-Russia 2009".
Kaspersky Lab was founded in Russia in 1997. Today, it is an international group of companies headquartered in
Moscow with five regional divisions that manage the company's activity in Russia, Western and Eastern Europe, the
Middle East, Africa, North and South America, Japan, China, and other countries in the Asia-Pacific region. The
company employs more than 2000 qualified specialists.
Products. Kaspersky Labs products provide protection for all systemsfrom home computers to large corporate
networks.
The personal product range includes anti-virus applications for desktop, laptop, and pocket computers, and for
smartphones and other mobile devices.
Kaspersky Lab delivers applications and services to protect workstations, file and web servers, mail gateways, and
firewalls. Used in conjunction with Kaspersky Labs centralized management system, these solutions ensure effective
automated protection for companies and organizations against computer threats. Kaspersky Lab's products are certified
by the major test laboratories, are compatible with the software of many suppliers of computer applications, and are
optimized to run on many hardware platforms.
Kaspersky Labs virus analysts work around the clock. Every day they uncover hundreds of new computer threats, create
tools to detect and disinfect them, and include them in the databases used by Kaspersky Lab applications. Kaspersky
Lab's Anti-Virus database is updated hourly; and the Anti-Spam database every five minutes.
Technologies. Many technologies that are now part and parcel of modern anti-virus tools were originally developed by
Kaspersky Lab. It is no coincidence that many other developers use the Kaspersky Anti-Virus kernel in their products,
including: SafeNet (USA), Alt-N Technologies (USA), Blue Coat Systems (USA), Check Point Software Technologies
(Israel), Clearswift (UK), CommuniGate Systems (USA), Critical Path (Ireland), D-Link (Taiwan), M86 Security (USA),
GFI (Malta), IBM (USA), Juniper Networks (USA), LANDesk (USA), Microsoft (USA), NETASQ (France), NETGEAR
(USA), Parallels (Russia), SonicWALL (USA), WatchGuard Technologies (USA), ZyXEL Communications (Taiwan).
Many of the companys innovative technologies are patented.
Achievements. Over the years, Kaspersky Lab has won hundreds of awards for its services in combating computer
threats. For example, in 2010 Kaspersky Anti-Virus received a few top Advanced+ awards in a test held by AV-
Comparatives, an acknowledged Austrian anti-virus laboratory. But Kaspersky Lab's main achievement is the loyalty of
its users worldwide. The companys products and technologies protect more than 300 million users, and its corporate
clients number more than 200,000.
50
INFORMATION ON THE THIRD-PARTY CODE
IN THIS SECTION:
FCGI-2.4.1-SNAP-0910052249................................................................................................................................. 51
MOD_FCGI-SNAP-0910052141................................................................................................................................ 52
-----------------------------------------------------------------------------
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated
documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to
use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to
whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the
Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING
BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.
FCGI-2.4.1-SNAP-0910052249
fcgi-2.4.1-SNAP-0910052249
-----------------------------------------------------------------------------
This FastCGI application library source and object code (the "Software") and its documentation (the "Documentation")
are copyrighted by Open Market, Inc ("Open Market"). The following terms apply to all files associated with the Software
and Documentation unless explicitly disclaimed in individual files.
Open Market permits you to use, copy, modify, distribute, and license this Software and the Documentation for any
purpose, provided that existing copyright notices are retained in all copies and that this notice is included verbatim in any
distributions. No written agreement, license, or royalty fee is required for any of the authorized uses. Modifications to this
51
USER GUIDE
Software and Documentation may be copyrighted by their authors and need not follow the licensing terms described
here. If modifications to this Software and Documentation have new licensing terms, the new terms must be clearly
indicated on the first page of each file where they apply.
OPEN MARKET MAKES NO EXPRESS OR IMPLIED WARRANTY WITH RESPECT TO THE SOFTWARE OR THE
DOCUMENTATION, INCLUDING WITHOUT LIMITATION ANY WARRANTY OF MERCHANTABILITY OR FITNESS
FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL OPEN MARKET BE LIABLE TO YOU OR ANY THIRD PARTY
FOR ANY DAMAGES ARISING FROM OR RELATING TO THIS SOFTWARE OR THE DOCUMENTATION,
INCLUDING, WITHOUT LIMITATION, ANY INDIRECT, SPECIAL OR CONSEQUENTIAL DAMAGES OR SIMILAR
DAMAGES, INCLUDING LOST PROFITS OR LOST DATA, EVEN IF OPEN MARKET HAS BEEN ADVISED OF THE
POSSIBILITY OF SUCH DAMAGES. THE SOFTWARE AND DOCUMENTATION ARE PROVIDED "AS IS". OPEN
MARKET HAS NO LIABILITY IN CONTRACT, TORT, NEGLIGENCE OR OTHERWISE ARISING OUT OF THIS
SOFTWARE OR THE DOCUMENTATION.
-----------------------------------------------------------------------------
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated
documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to
use, copy, modify, merge, publish, distribute, and/or sell copies of the Software, and to permit persons to whom the
Software is furnished to do so, provided that the above copyright notice(s) and this permission notice appear in all copies
of the Software and that both the above copyright notice(s) and this permission notice appear in supporting
documentation.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING
BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
NONINFRINGEMENT OF THIRD PARTY RIGHTS. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR HOLDERS
INCLUDED IN THIS NOTICE BE LIABLE FOR ANY CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL
DAMAGES, OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER
IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
Except as contained in this notice, the name of a copyright holder shall not be used in advertising or otherwise to
promote the sale, use or other dealings in this Software without prior written authorization of the copyright holder.
MOD_FCGI-SNAP-0910052141
mod_fcgi-SNAP-0910052141
-----------------------------------------------------------------------------
This FastCGI application library source and object code (the "Software") and its documentation (the "Documentation")
are copyrighted by Open Market, Inc ("Open Market"). The following terms apply to all files associated with the Software
and Documentation unless explicitly disclaimed in individual files.
Open Market permits you to use, copy, modify, distribute, and license this Software and the Documentation solely for the
purpose of implementing the FastCGI specification defined by Open Market or derivative specifications publicly endorsed
by Open Market and promulgated by an open standards organization and for no other purpose, provided that existing
copyright notices are retained in all copies and that this notice is included verbatim in any distributions.
52
INFORMA TION ON THE THIRD-PARTY COD E
No written agreement, license, or royalty fee is required for any of the authorized uses. Modifications to this Software
and Documentation may be copyrighted by their authors and need not follow the licensing terms described here, but the
modified Software and Documentation must be used for the sole purpose of implementing the FastCGI specification
defined by Open Market or derivative specifications publicly endorsed by Open Market and promulgated by an open
standards organization and for no other purpose. If modifications to this Software and Documentation have new
licensing terms, the new terms must protect Open Market's proprietary rights in the Software and Documentation to the
same extent as these licensing terms and must be clearly indicated on the first page of each file where they apply.
Open Market shall retain all right, title and interest in and to the Software and Documentation, including without limitation
all patent, copyright, trade secret and other proprietary rights.
OPEN MARKET MAKES NO EXPRESS OR IMPLIED WARRANTY WITH RESPECT TO THE SOFTWARE OR THE
DOCUMENTATION, INCLUDING WITHOUT LIMITATION ANY WARRANTY OF MERCHANTABILITY OR FITNESS
FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL OPEN MARKET BE LIABLE TO YOU OR ANY THIRD PARTY
FOR ANY DAMAGES ARISING FROM OR RELATING TO THIS SOFTWARE OR THE DOCUMENTATION,
INCLUDING, WITHOUT LIMITATION, ANY INDIRECT, SPECIAL OR CONSEQUENTIAL DAMAGES OR SIMILAR
DAMAGES, INCLUDING LOST PROFITS OR LOST DATA, EVEN IF OPEN MARKET HAS BEEN ADVISED OF THE
POSSIBILITY OF SUCH DAMAGES. THE SOFTWARE AND DOCUMENTATION ARE PROVIDED "AS IS". OPEN
MARKET HAS NO LIABILITY IN CONTRACT, TORT, NEGLIGENCE OR OTHERWISE ARISING OUT OF THIS
SOFTWARE OR THE DOCUMENTATION.
53
TRADEMARK NOTICE
The registered trademarks and service marks are the property of their owners.
Fedora and Infinity design logo are trademarks owned by Red Hat, Inc.
Microsoft, Windows, Windows Vista, and Internet Explorer are trademarks owned by Microsoft Corporation and
registered in the United States of America and elsewhere.
Linux is a trademark owned by Linus Torvalds and registered in the United States of America and elsewhere.
Red Hat and Red Hat Enterprise Linux are trademarks owned by Red Hat, Inc. and registered in the United States of
America and elsewhere.
Mac OS, Safari, Leopard, Snow Leopard, and Tiger are registered trademarks owned by Apple Inc.
54
INDEX
A
Account ................................................................................................................................................................ 13
name .............................................................................................................................................................. 13
password ................................................................................................................................................... 13, 46
settings ........................................................................................................................................................... 13
Administration groups ...................................................................................................................................... 15, 21
Administration server ......................................................................................................................................... 8, 15
connection ...................................................................................................................................................... 14
Anti-virus application............................................................................................................................................. 25
Anti-Virus protection
service provider ................................................................................................................................................. 8
Anti-Virus protection service provider ...................................................................................................................... 8
Anti-Virus security................................................................................................................................................... 8
Automatic delivery of reports ............................................................................................................................ 42, 44
C
Client ..................................................................................................................................................................... 8
Client administrator ............................................................................................................................................. 5, 8
Computer properties ............................................................................................................................................. 23
Computer status ................................................................................................................................................... 15
Computers ........................................................................................................................................................... 15
IP address ...................................................................................................................................................... 23
list................................................................................................................................................................... 21
managed.............................................................................................................................................. 15, 21, 23
name ......................................................................................................................................................... 15, 23
properties........................................................................................................................................................ 23
unassigned .......................................................................................................................................... 15, 21, 23
Connection ........................................................................................................................................................... 14
H
HTTPS ................................................................................................................................................................... 8
I
Informational area................................................................................................................................................. 11
Installation
manual............................................................................................................................................................ 34
remote ............................................................................................................................................................ 28
wizard ............................................................................................................................................................. 28
Installation package .............................................................................................................................................. 25
J
JavaScript ............................................................................................................................................................ 13
K
Kaspersky Anti-Virus .............................................................................................................................................. 8
Kaspersky Lab...................................................................................................................................................... 50
M
Main window ........................................................................................................................................................ 11
55
USER GUIDE
N
Network protection status...................................................................................................................................... 15
P
Protection status ................................................................................................................................................... 15
R
Real-time protection status.................................................................................................................................... 15
critical ............................................................................................................................................................. 15
Ok .................................................................................................................................................................. 15
warning ........................................................................................................................................................... 15
Reports ................................................................................................................................................................ 42
automatic delivery ...................................................................................................................................... 42, 44
saving to file ............................................................................................................................................... 42, 44
viewing ...................................................................................................................................................... 42, 43
S
Security message ................................................................................................................................................. 15
list................................................................................................................................................................... 15
Service provider's administrator ......................................................................................................................... 8, 25
Session ................................................................................................................................................................ 47
closing ............................................................................................................................................................ 47
Software requirements .......................................................................................................................................... 10
SSL........................................................................................................................................................................ 8
W
Web browser ............................................................................................................................................... 8, 10, 13
Web interface ......................................................................................................................................................... 8
Web portal.............................................................................................................................................................. 8
address........................................................................................................................................................... 13
56